Level 80
@whatthef You don’t “log out” when using token-based authentication. The token is either valid or not.
Feb 2, 2021
5
Level 1
Passport test logout after actingAs
How can I test logout using passport after actingAs? Token revoke doesn't seem to work
Level 1
@martinbean Yes sorry for the wrong wording how can I make the token invalid? $token->revoke() or $token->delete() don't work
Level 80
@whatthef You can’t really expire the token as Passport::actingAs doesn’t actually create a real token; it creates a mock:
1 like
Level 1
@martinbean So there is no way to test the token invalidation with Passport::actingAs? I see it uses Auth::setUser but it doesn't work with Auth::setUser(null).
Level 80
@whatthef No, because like I say: the token is a mock and not an actual token. It’s a test helper.
If you want to test your application with a revoked token, then you’re going to need to generate an actual token yourself and persist it to the database so it can be revoked.
Please or to participate in this conversation.